WHAT IS CLAIMED IS: 



1 1 . An electronic commerce card authentication system comprising: 

2 a central transaction server adapted to: 

3 receive an authentication request from a cardholder system; 

4 forward the authentication request to an access control server; 

5 relay authentication information between the access control server and 

6 the cardholder system; 

7 receive an authentication response from the access control server; and 

8 forward the authentication response to the cardholder system. 

1 2. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication response is adapted to be analyzed by a merchant system. 

1 3. The electronic commerce card authentication system of claim 1, 

2 wherein the central transaction server is adapted to forward a copy of the authentication 

3 response to an authentication history server to be archived. 

1 4. The electronic commerce card authentication system of claim 1, 

2 wherein the central transaction server is further adapted to receive a verifying enrollment 

3 request from a directory server, and to send a verifying enrollment response to the directory 

4 server. 

1 5. The electronic commerce card authentication system of claim 4, 

2 wherein the central transaction server is adapted to send the verifying enrollment response in 

3 response to a query to the access control server. 

1 6. The electronic commerce card authentication system of claim 4, 

2 wherein the central transaction server is adapted to send the verifying enrollment response to 

3 the directory server with or without querying the access control server, and is further adapted 

4 to query the access control server in response to receiving an authentication request. 

1 7. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication request includes a pseudonym corresponding to an electronic 

3 commerce card account number and previously created by the central transaction server. 
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1 8. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication request includes a pseudonym previously created by a merchant 

3 system that corresponds to an electronic commerce card account number. 

1 9. The electronic commerce card authentication system of claim 1, 

2 wherein the central transaction server is adapted to initiate a charge request via a card 

3 association network in response to receiving an authentication response from the access 

4 control server. 

1 10. A method of authenticating electronic commerce card information 

2 provided by a cardholder, the method comprising: 

3 receiving an authentication request from a cardholder system; 

4 forwarding the authentication request to an access control server; 

5 relaying authentication information between the access control server and the 

6 cardholder system; 

7 receiving an authentication response from the access control server; and 

8 forwarding the authentication response to the cardholder system. 

1 11. The method of claim 10, wherein the authentication response is 

2 adapted to be analyzed by a merchant system. 

1 12. The method of claim 10, further comprising forwarding a copy of the 

2 authentication response to an authentication history server to be archived. 

1 13. The method of claim 10, further comprising receiving a verifying 

2 enrollment request from a directory server, and sending a verifying enrollment response to 

3 the directory server. 

1 14. The method of claim 13, wherein the verifying enrollment response is 

2 sent in response to a query to the access control server. 

1 15. The method of claim 13, wherein the verifying enrollment response is 

2 sent to the directory server without querying the access control server, and further comprising 

3 querying the access control server in response to receiving an authentication request. 
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1 16. The method of claim 10, wherein the authentication request includes a 

2 pseudonym previously created by the central transaction server that corresponds to an 

3 electronic commerce card account number. 

1 17. The method of claim 10, wherein the authentication request includes a 

2 pseudonym previously created by a merchant system that corresponds to an electronic 

3 commerce card account number. 

1 18. The method of claim 1 , further comprising initiating a charge request 

2 via a card association network in response to receiving an authentication response from the 

3 access control server. 

1 19. An information storage medium including a set of instruction adapted 

2 to operate an information processing device to perform a set of steps, the set of steps 

3 comprising: 

4 receiving an authentication request from a cardholder system; 

5 forwarding the authentication request to an access control server; 

6 relaying authentication information between the access control server and the 

7 cardholder system; 

8 receiving an authentication response from the access control server; and 

9 forwarding the authentication response to the cardholder system. 

1 20. The information storage medium of claim 19, wherein the 

2 authentication response is adapted to be analyzed by a merchant system. 

1 21. The information storage medium of claim 19, wherein the set of steps 

2 further comprises forwarding a copy of the authentication response to an authentication 

3 history server to be archived. 

1 22. The information storage medium of claim 19, wherein the set of steps 

2 further comprises receiving a verifying enrollment request from a directory server, and 

3 sending a verifying enrollment response to the directory server. 

1 23. The information storage medium of claim 22, wherein the verifying 

2 enrollment response is sent in response to a query to the access control server. 
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1 24. The information storage medium of claim 22, wherein the verifying 

2 enrollment response is sent to the directory server without querying the access control server, 

3 and the set of steps further comprise querying the access control server in response to 

4 receiving an authentication request. 

1 25. The information storage medium of claim 19, wherein the 

2 authentication request includes a pseudonym previously created by the central transaction 

3 server that corresponds to an electronic commerce card account number. 

1 26. The information storage medium of claim 19, wherein the 

2 authentication request includes a pseudonym previously created by a merchant system that 

3 corresponds to an electronic commerce card account number. 

1 27. The information storage medium of claim 19, wherein the set of steps 

2 further comprises initiating a charge request via a card association network in response to 

3 receiving an authentication response from the access control server. 

1 28. The method of claim 14, further comprising: 

2 receiving the verifying enrollment response from the access control server in 

3 response to the query; and 

4 forwarding the verifying enrollment response to the directory server. 

1 29. The method of claim 28, further comprising: 

2 modifying the verifying enrollment response received from the access control 

3 server; and 

4 forwarding the modified verifying enrollment response to the directory server. 

1 30. The information storage medium of claim 22, further comprising: 

2 receiving the verifying enrollment response from the access control server in 

3 response to the query; and 

4 forwarding the verifying enrollment response to the directory server. 

1 31. The information storage medium of claim 30, further comprising: 

2 modifying the verifying enrollment response received from the access control 

3 server; and 
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forwarding the modified verifying enrollment response to the directory server. 
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